4.0.11

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-21	CVE-2020-14760	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle	7.5
2020-06-27	CVE-2020-15358	Out-of-bounds Write vulnerability in multiple products In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. local low complexity sqlite canonical apple oracle siemens CWE-787	2.1
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-01-17	CVE-2020-5398	Download of Code Without Integrity Check vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. network high complexity vmware oracle netapp CWE-494	7.5
2019-07-23	CVE-2019-2731	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle	5.4
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	2.6
2018-10-29	CVE-2018-0735	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. network high complexity openssl canonical debian nodejs netapp oracle CWE-327	5.9
2018-07-18	CVE-2018-3071	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). network low complexity oracle netapp canonical	4.0
2018-07-18	CVE-2018-3061	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle netapp canonical	4.0
2017-10-19	CVE-2017-10313	Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). network low complexity oracle	4.0